All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Inspector general report: NIST mismanagement has crippled the National Vulnerability Database with 27,000+ unprocessed vulnerabilities

By

Suzanne Smalley

8d ago· 4 min readenNews
Bagel score 80 of 100
80/100
Golden Brown
Bagelometer

A five-star bake. Worth schmearing, sharing, saving.

Score80TypenewsSentimentnegative

Summary

A Department of Commerce inspector general report reveals that NIST's National Vulnerability Database (NVD) has been severely crippled by mismanagement and strategic failures. The backlog of unprocessed security vulnerabilities ballooned from 13,000 in February 2024 to over 27,000 by the end of 2025, undermining the database's utility and public trust. The NVD is a critical cybersecurity tool used by organizations worldwide to track and respond to security threats.

Key quotes

· 2 pulled
undermining the NVD's utility and public trust
The NVD is a critical tool that
Snippet from the RSS feed
NIST’s National Vulnerability Database (NVD) backlog mushroomed from 13,000 unprocessed security vulnerabilities in February 2024 to more than 27,000 by the end of 2025, “undermining the NVD’s utility and public trust," according to an inspector general r

You might also wanna read

NIST Announces Policy Change: National Vulnerability Database to Stop Enriching Most CVEs

The US National Institute of Standards and Technology (NIST) has announced a significant policy change for the National Vulnerability Databa

risky.biz·1mo ago

MongoDB Security Update: Vulnerability CVE-2025-14847 ("Mongobleed") Identified in December 2025

MongoDB has identified a security vulnerability (CVE-2025-14847, informally called "Mongobleed") affecting MongoDB Server. The company outli

mongodb.com·5mo ago

MongoBleed Vulnerability (CVE-2025-14847): Critical MongoDB Security Flaw Explained

MongoBleed (CVE-2025-14847) is a critical security vulnerability affecting MongoDB databases since 2017. The bug exists in the zlib1 message

bigdata.2minutestreaming.com·5mo ago

PBKDF2 JS Lib: Improper Input Validation Vulnerability

nvd.nist.gov·11mo ago

LLM-powered scanners set to overwhelm open source maintainers with security vulnerabilities by 2026

The article warns that by summer 2026, LLM-powered code scanners will dramatically increase the rate of security vulnerability discoveries i

metabase.com·25d ago

Challenges in Reporting Vulnerabilities in Belgian Banking System

The article discusses the author's experience with reporting a vulnerability in a Belgian bank's online platform through the Coordinated Vul

devae.re·10mo ago